[wp-trac] [WordPress Trac] #46086: In WSOD protection, only pause plugins/themes for validated users
WordPress Trac
noreply at wordpress.org
Wed Jan 23 21:55:37 UTC 2019
#46086: In WSOD protection, only pause plugins/themes for validated users
----------------------------+-----------------------------
Reporter: WFMattR | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Bootstrap/Load | Version: trunk
Severity: normal | Keywords:
Focuses: |
----------------------------+-----------------------------
Related to #44458, WSOD protection could still potentially be triggered by
logged-in users who are not admins on wp-admin/ pages, or anonymous users
on at least wp-login.php.
This ticket suggests that when a plugin/theme is added to the "paused"
list, it could be paused only for validated users. Validation could be
done by emailing the site admin (or all admins/super-admins) a special
link with a random string similar to those used in password resets, and
clicking the link could set a cookie that allows plugins/themes to be paused
only for their session, including on the login page.
The site could still collect the list of paused plugins/themes the same
way it's currently designed, and other users on the site, who may not be
having any problems, will still have all plugins and the theme active.
Since the original ticket was about trying to prevent WSODs for users
updating PHP, and allowing admins to fix the issues that occur in plugins,
this helps limit the effect to admins.
Related: a few other tickets will decrease how often pausing occurs, so
plugins/themes will be less likely to be paused unnecessarily:
* #45940 - WSOD protection should disable plugins in fewer situations
* #46066 - Only pause plugins/themes for persistent errors
* #45888 - Provide Opt-Out for WSOD Protection
But pausing could still be an issue for plugins/themes that only have a
fatal error in limited situations, in some cases including invalid user
input. #45940 and #45888 mention concerns about attacks where non-admins could
cause a plugin/theme to be paused too, and I mentioned similar issues in a
comment on #44458. It looks like #45888 is still scheduled for 5.1, but it
is not complete yet and only prevents pausing of plugins that add a
header, which is good for security plugins, but not other plugins that an
admin might consider to be critical to the site's operation. (Non-security
plugins might also misuse that header to prevent pausing, to try to work
around being paused for uncommon errors.)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/46086>
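As an added illustration of the validated-session flow proposed in the ticket (not WordPress core code and not the reporter's), the following PHP sketch issues a one-time emailed link token, redeems it into a session secret, and gates the pause decision on the resulting cookie. The store, cookie name and one-hour lifetime are assumptions.

```php
<?php
// Added illustration of the ticket's proposal, not WordPress core code. The
// persistent store is an in-memory array standing in for a transient/option.

const WSOD_TOKEN_TTL   = 3600;                  // assumed: link valid for one hour
const WSOD_COOKIE_NAME = 'wsod_paused_session'; // hypothetical cookie name

// Issue the emailed link token. Only its SHA-256 hash is stored, so a leaked
// database row cannot be replayed as a link.
function wsod_issue_link_token(array &$store, string $admin_email): string {
    $token = bin2hex(random_bytes(32));         // 256 bits from the CSPRNG
    $store['links'][$admin_email] = [
        'hash'    => hash('sha256', $token),
        'expires' => time() + WSOD_TOKEN_TTL,
    ];
    return $token; // placed in the mailed URL as a query parameter
}

// Redeem the clicked link: single use, expiry checked, constant-time compare.
// On success returns a session secret for an HttpOnly cookie; null otherwise.
function wsod_redeem_link(array &$store, string $admin_email, string $token): ?string {
    $rec = $store['links'][$admin_email] ?? null;
    unset($store['links'][$admin_email]);       // burn the link whatever the outcome
    if ($rec === null || time() > $rec['expires']) {
        return null;
    }
    if (!hash_equals($rec['hash'], hash('sha256', $token))) {
        return null;
    }
    $secret = bin2hex(random_bytes(32));
    $store['sessions'][hash('sha256', $secret)] = $admin_email;
    return $secret;
}

// The check a bootstrap hook would run: entries on the paused list are skipped
// only when the request carries a validated session cookie.
function wsod_pause_applies(array $store, array $cookies): bool {
    $secret = $cookies[WSOD_COOKIE_NAME] ?? '';
    return $secret !== '' && isset($store['sessions'][hash('sha256', $secret)]);
}

// Stand-alone walk-through with a constructed admin address.
$store  = ['links' => [], 'sessions' => []];
$token  = wsod_issue_link_token($store, 'admin@example.com');
$secret = wsod_redeem_link($store, 'admin@example.com', $token);
// In a real request: setcookie(WSOD_COOKIE_NAME, $secret, ['httponly' => true, 'secure' => true]);
var_dump(wsod_pause_applies($store, [WSOD_COOKIE_NAME => $secret])); // validated admin session
var_dump(wsod_pause_applies($store, []));                            // anonymous visitor, e.g. wp-login.php
var_dump(wsod_redeem_link($store, 'admin@example.com', $token));     // second click of the same link
```

Other visitors never receive the cookie, so the paused list is collected as today but only affects the admin who clicked the link, which is the behaviour the ticket asks for.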